Generation of policy-rich websites from declarative models
Author(s)
Chang, Felix Sheng-Ho
DownloadFull printable version (23.61Mb)
Other Contributors
Massachusetts Institute of Technology. Dept. of Electrical Engineering and Computer Science.
Advisor
Daniel Jackson.
Terms of use
Metadata
Show full item recordAbstract
Protecting sensitive data stored behind online websites is a major challenge, but existing techniques are inadequate. Automated website builders typically offer very limited options for specifying custom access policies. Manually adding access policy checks to website code is tedious and error-prone, and it is currently not. feasible to automatically verify that a website conforms to its required access policy. Furthermore, policies change over time, and it can be costly to modify an existing website to reflect the changes or to certify that the modified website still complies with the desired policy. This research presents a declarative modeling approach designed to address these issues, where the data model and the access policy are specified using Alloy, and tile Weballoy tool automatically generates a dynamic website that guarantees the access policy by construction.
Description
Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2009. Includes bibliographical references (p. 89-93).
Date issued
2009Department
Massachusetts Institute of Technology. Department of Electrical Engineering and Computer SciencePublisher
Massachusetts Institute of Technology
Keywords
Electrical Engineering and Computer Science.